Largest DDoS of 2011 detected

The largest packet per second distributed denial-of-service (DDoS) attack of the year have been detected.

DDoS protection technology vendor Prolexic said the attack mitigated was the biggest DDoS attack event in 2011 when it comes to packets-per-second (PPS) volume, and it was targeted at "a big Asian customer and its DNS agency".

Prolexic CTO Paul Sop said the attack, occurring between 5 and 12 November, was thrice larger in PPS volume than the most important attack it had mitigated previously, reaching 69 million PPS, a bandwidth of 45Gbps and 15,000 connections per second­.

He said: “These are attack rates that no standalone automated DDoS mitigation appliance or service from an ISP or major carrier will be in a position to successfully mitigate. Attackers used six different attack signatures throughout the event, including a mix of bandwidth-driven Layer 3 and targeted Layer 7 attacks geared toward the organisation's critical application layer.

“Frankly, we're not surprised since we've seen a virtually four-fold increase in packet volume since Q3 2010. This increase reflects an emerging strategy through which attackers directly target a company's DDoS mitigation appliances, that are commonly at risk of such attacks as they can't handle such high PPS rates.”

Using its proprietary mitigation tools and live monitoring strategy, Prolexic said it identified a randomised attack together with the biggest volume of GET, SYN, ICMP, UDP and DNS floods launched in one campaign this year. It also identified that the attack was coming from botnets in multiple worldwide locations and, unlike typical DDoS attacks which are co-ordinated from one geographic source, this attack was done so globally.

Prolexic said it mitigated a complete of 4 separate DDoS attacks over the process the development, which lasted seven days and 20 hours.